extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-24 19:51:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use the 'disposition' argument to expand_rule() to specify the target chain

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-08-26 08:40:24 -07:00
parent dc74b88445
commit bd8bcabdf0
3 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -3488,7 +3488,7 @@ sub expand_rule( $$$$$$$$$$;$ )
# #
# We have non-trivial exclusion -- need to create an exclusion chain # We have non-trivial exclusion -- need to create an exclusion chain
# #
fatal_error "Exclusion is not possible in ACCEPT+/CONTINUE/NONAT rules" if $disposition eq 'RETURN'; fatal_error "Exclusion is not possible in ACCEPT+/CONTINUE/NONAT rules" if $disposition eq 'RETURN' || $disposition eq 'CONTINUE';
# #
# Create the Exclusion Chain # Create the Exclusion Chain
@ -3521,7 +3521,15 @@ sub expand_rule( $$$$$$$$$$;$ )
# #
# Log rule # Log rule
# #
log_rule_limit $loglevel , $echainref , $chain, $disposition , '', $logtag , 'add' , '' if $loglevel; log_rule_limit( $loglevel ,
$echainref ,
$chain,
$disposition eq 'reject' ? 'REJECT' : $disposition ,
'' ,
$logtag ,
'add' ,
'' )
if $loglevel;
# #
# Generate Final Rule # Generate Final Rule
# #
@ -3559,7 +3567,7 @@ sub expand_rule( $$$$$$$$$$;$ )
$loglevel , $loglevel ,
$chainref , $chainref ,
$logname || $chain, $logname || $chain,
$disposition , $disposition eq 'reject' ? 'REJECT' : $disposition ,
'', '',
$logtag, $logtag,
'add', 'add',
@ -3575,7 +3583,7 @@ sub expand_rule( $$$$$$$$$$;$ )
$loglevel , $loglevel ,
$chainref , $chainref ,
$chain, $chain,
$disposition , $disposition eq 'reject' ? 'REJECT' : $disposition ,
'' , '' ,
$logtag , $logtag ,
'add' , 'add' ,
@ -3595,8 +3603,8 @@ sub expand_rule( $$$$$$$$$$;$ )
# #
# Mark Target as referenced, if it's a chain # Mark Target as referenced, if it's a chain
# #
if ( $fromref && $target =~ /-[jg]\s+([^\s]+)/ ) { if ( $fromref && $disposition ) {
my $targetref = $chain_table{$chainref->{table}}{$1}; my $targetref = $chain_table{$chainref->{table}}{$disposition};
if ( $targetref ) { if ( $targetref ) {
$targetref->{referenced} = 1; $targetref->{referenced} = 1;
add_reference $fromref, $targetref; add_reference $fromref, $targetref;

4
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -150,7 +150,7 @@ sub process_tos() {
'' , '' ,
"-j TOS --set-tos $tos" , "-j TOS --set-tos $tos" ,
'' , '' ,
'' , 'TOS' ,
''; '';
} }
@ -279,7 +279,7 @@ sub setup_blacklist() {
'' , '' ,
"-j $target" , "-j $target" ,
'' , '' ,
$disposition , $target ,
'' ); '' );
progress_message " \"$currentline\" added to blacklist"; progress_message " \"$currentline\" added to blacklist";

4
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -40,7 +40,7 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( setup_tc ); our @EXPORT = qw( setup_tc );
our @EXPORT_OK = qw( process_tc_rule initialize ); our @EXPORT_OK = qw( process_tc_rule initialize );
our $VERSION = '4.4_11'; our $VERSION = '4.4_13';
our %tcs = ( T => { chain => 'tcpost', our %tcs = ( T => { chain => 'tcpost',
connmark => 0, connmark => 0,
@ -393,7 +393,7 @@ sub process_tc_rule( ) {
'' , '' ,
"-j $target $mark" , "-j $target $mark" ,
'' , '' ,
'' , $target ,
'' ) ) '' ) )
&& $device ) { && $device ) {
# #